Hackers Steal $30M In User Funds From Crypto DeFi Platform Grim Finance

DeFi protocol Grim Finance is revealing that hackers stole $30 million of user funds from the platform over the weekend.

What Happened: In a Twitter announcement on December 18, Grim Finance told users that it had identified the attackers' wallet address, which contained over $30 million worth of stolen funds.

“This was an advanced attack,” noted the DeFi platform, explaining that the exploit was carried out using a malicious token contract which started 5 reentrancy loops. This allowed the hackers to fake five additional deposits into a vault while the platform is processing the first deposit.

“We have paused all of the vaults to prevent any future funds from being placed at risk, please withdraw all of your funds IMMEDIATELY,” stated Grim Finance.

The platform said it has notified stablecoin issuers Circle USDC/USD and DAI, as well as the decentralized exchange AnySwap to potentially freeze fund transfers from the attackers' wallet address.

Grim Finance, built on the Fantom FTM/USD blockchain, lets users earn staking rewards and harvest yields through its Grim Vaults.

After the exploit, Total Value Locked (TVL) in the protocol fell from $98 million to $4.3 million as the majority of users likely withdrew their funds from the Vaults.

The rising popularity of DeFi has led to a growing number of similar attacks as hackers take advantage of flaws of the emerging industry.

Photo by NeONBRAND on Unsplash

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!